Projects

List all Projects
Admin roles:
  • access_user
  • access_admin
  • reporting_user

Lists all Projects for your Team

SecuritybearerAuth
Request
path Parameters
team_name
required
string

The name of your Team

query Parameters
offset
string

The UUID of an object used as an offset for pagination

count
integer <int32>

Controls the number of objects listed per page

descending
boolean

If 'true', the most recent results are listed first

prev
boolean

Controls the direction of paging

self
boolean

If 'true', results only include Projects assigned to the current User

contains
string

If defined, results only include Projects that use the specified value in their name

traffic_forwarding
boolean

If 'true', results only include Projects that have traffic forwarding enabled

include_resource_count
boolean

If 'true', results also include the number of available resources for each project

Responses
200

OK

get/v1/teams/{team_name}/projects
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}
Create a Project
Admin roles: 
  • access_admin
Creates a Project for your Team


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
Request Body schema: application/json
required
create_server_users
boolean or null
(Optional) Whether to create Server Users for Users in this Project. Defaults to false. If false, you must ensure that accounts exist on the Server for each User.


 
forward_traffic
boolean or null
If true, forwards traffic to all Servers in the Project through a specified Gateway. Default is false.


 
name
required
string <regex>   [ 1 .. 255 ] characters ^[\w\-_.]+$
The name of the Project


 
next_unix_gid
integer or null <int32>   [ 100 .. 65535 ] 
(Optional) The GID used when creating a Server User


 
next_unix_uid
integer or null <int32>   [ 100 .. 65535 ] 
(Optional) The UID used when creating a Server User


 
rdp_session_recording
boolean or null
(Optional) If true, enables recording of all RDP sessions to Servers in this Project. Default is false. This feature is currently in EA.


 
require_preauth_for_creds
boolean or null
(Optional) If true, the Project requires preauthorization before a User can access a Server. Default is false.


 
ssh_certificate_type
string or null (SSHCertificateType) 
(Optional) The type of signature algorithm used for authentication keys. Default is CERT_TYPE_ED25519_01.


 Enum: "CERT_TYPE_ECDSA_256_01" "CERT_TYPE_ECDSA_384_01" "CERT_TYPE_ECDSA_521_01" "CERT_TYPE_ED25519_01" "CERT_TYPE_RSA_01" "CERT_TYPE_RSA_SHA2_256_01" "CERT_TYPE_RSA_SHA2_512_01"  
ssh_session_recording
boolean or null
(Optional) If true, enables recording of all SSH sessions to Servers in this Project. Default is false.


 
user_on_demand_period
integer or null <int64>   <= 4294967295 
(Optional) The time period in seconds before an on-demand user account expires and is removed from a Server. 0 if disabled. This is the default,


 
Responses 
201
Created


post/v1/teams/{team_name}/projects
Request samples 
application/json
{
  • "create_server_users": true,
  • "deleted_at": null,
  • "force_shared_ssh_users": false,
  • "forward_traffic": true,
  • "gateway_selector": null,
  • "id": "",
  • "name": "the-sound-and-the-fury",
  • "next_unix_gid": null,
  • "next_unix_uid": 0,
  • "rdp_session_recording": true,
  • "require_preauth_for_creds": true,
  • "shared_admin_user_name": null,
  • "shared_standard_user_name": null,
  • "ssh_session_recording": true,
  • "team": "william-faulkner",
  • "user_on_demand_period": null
}
Response samples 
application/json
{
  • "create_server_users": true,
  • "deleted_at": "0001-01-01T00:00:00Z",
  • "force_shared_ssh_users": false,
  • "forward_traffic": true,
  • "gateway_selector": "env in (dev,prod),region=us-west-2,release notin (canary,stable)",
  • "id": "435a700c-a6cb-4031-82bf-3674beaa9bc9",
  • "name": "the-sound-and-the-fury",
  • "next_unix_gid": 63001,
  • "next_unix_uid": 60001,
  • "rdp_session_recording": true,
  • "require_preauth_for_creds": true,
  • "shared_admin_user_name": null,
  • "shared_standard_user_name": null,
  • "ssh_session_recording": true,
  • "team": "william-faulkner",
  • "user_on_demand_period": 0
}
Retrieve a Project
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
Retrieves the details of a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}
Request samples 
Response samples 
application/json
{
  • "create_server_users": true,
  • "deleted_at": "0001-01-01T00:00:00Z",
  • "force_shared_ssh_users": false,
  • "forward_traffic": true,
  • "gateway_selector": "env in (dev,prod),region=us-west-2,release notin (canary,stable)",
  • "id": "435a700c-a6cb-4031-82bf-3674beaa9bc9",
  • "name": "the-sound-and-the-fury",
  • "next_unix_gid": 63001,
  • "next_unix_uid": 60001,
  • "rdp_session_recording": true,
  • "require_preauth_for_creds": true,
  • "shared_admin_user_name": null,
  • "shared_standard_user_name": null,
  • "ssh_session_recording": true,
  • "team": "william-faulkner",
  • "user_on_demand_period": 0
}
Updates the details of a Project
Admin roles: 
  • access_admin
Updates the details of a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
create_server_users
boolean or null
(Optional) Whether to create Server Users for Users in this Project. Defaults to false. If false, you must ensure that accounts exist on the Server for each User.


 
forward_traffic
boolean or null
If true, forwards traffic to all Servers in the Project through a specified Gateway. Default is false.


 
next_unix_gid
integer or null <int32>   [ 100 .. 65535 ] 
(Optional) The GID used when creating a Server User


 
next_unix_uid
integer or null <int32>   [ 100 .. 65535 ] 
(Optional) The UID used when creating a Server User


 
rdp_session_recording
boolean or null
(Optional) If true, enables recording of all RDP sessions to Servers in this Project. Default is false. This feature is currently in EA.


 
require_preauth_for_creds
boolean or null
(Optional) If true, the Project requires preauthorization before a User can access a Server. Default is false.


 
ssh_certificate_type
string or null (SSHCertificateType) 
(Optional) The type of signature algorithm used for authentication keys. Default is CERT_TYPE_ED25519_01.


 Enum: "CERT_TYPE_ECDSA_256_01" "CERT_TYPE_ECDSA_384_01" "CERT_TYPE_ECDSA_521_01" "CERT_TYPE_ED25519_01" "CERT_TYPE_RSA_01" "CERT_TYPE_RSA_SHA2_256_01" "CERT_TYPE_RSA_SHA2_512_01"  
ssh_session_recording
boolean or null
(Optional) If true, enables recording of all SSH sessions to Servers in this Project. Default is false.


 
user_on_demand_period
integer or null <int64>   <= 4294967295 
(Optional) The time period in seconds before an on-demand user account expires and is removed from a Server. 0 if disabled. This is the default,


 
Responses 
204
No Content


put/v1/teams/{team_name}/projects/{project_name}
Request samples 
application/json
{
  • "create_server_users": true,
  • "forward_traffic": null,
  • "gateway_selector": null,
  • "next_unix_gid": 63011,
  • "next_unix_uid": 60011,
  • "rdp_session_recording": null,
  • "require_preauth_for_creds": false,
  • "shared_admin_user_name": null,
  • "shared_standard_user_name": null,
  • "ssh_session_recording": null,
  • "user_on_demand_period": null
}
Delete a Project
Admin roles: 
  • access_admin
Deletes a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}
Request samples 
List all Client Configuration Options
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
Lists all Client Configuration Options for a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/client_config_options
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}
Add a Client Configuration Option
Admin roles: 
  • access_admin
Adds a Client Configuration Option to a Project. Use Client Configuration Options to automatically pass settings to any Client that accesses a Server within the Project.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
config_key
required
string
The name of the Client Configuration Option


 Enum: "ssh.port_forward_method" "forward_client_trust.enable" "ssh.insecure_forward_agent"  
required
forward_client_trust.enable (object) or ssh.insecure_forward_agent (object) or ssh.port_forward_method (object)
The value of the Client Configuration Option


 
One of:
The value of the Client Configuration Option


object (forward_client_trust.enable) 
 Enum: "always" "ask" "never"  
Responses 
200
OK


post/v1/teams/{team_name}/projects/{project_name}/client_config_options
Request samples 
application/json
{
  • "config_key": "ssh.insecure_forward_agent",
  • "config_value": "host",
  • "id": ""
}
Response samples 
application/json
{
  • "config_key": "ssh.insecure_forward_agent",
  • "config_value": "host",
  • "id": "ec74cb65-b413-4c02-a6f7-7d08dca1ff73"
}
Delete a Client Configuration Option
Admin roles: 
  • access_admin
Deletes a Client Configuration Option from a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
client_config_options_id
required
string
The UUID of the Client Config Options


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}/client_config_options/{client_config_options_id}
Request samples 
List all Cloud Accounts
Admin roles: 
  • access_user
  • reporting_user
Lists all Cloud Accounts for a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/cloud_accounts
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}
Add a Cloud Account
Admin roles: 
  • access_admin
Adds a Cloud Account to a specified Project. Servers created with this Cloud Account are automatically discovered and enrolled in the associated Project. Currently only Amazon Web Services (AWS) and Google Compute Engine (GCE) are supported.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


post/v1/teams/{team_name}/projects/{project_name}/cloud_accounts
Request samples 
Response samples 
application/json
{
  • "account_id": "123456789012",
  • "description": "Dev AWS account",
  • "id": "59c74d69-5d72-4c96-b051-f42df1aee388",
  • "project_name": "the-sound-and-the-fury",
  • "provider": "aws"
}
Retrieve a Cloud Account
Admin roles: 
  • access_user
  • reporting_user
Retrieves a Cloud Account for a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
cloud_account_uuid
required
string
The UUID of the Cloud Account


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/cloud_accounts/{cloud_account_uuid}
Request samples 
Response samples 
application/json
{
  • "account_id": "123456789012",
  • "description": "Dev AWS account",
  • "id": "59c74d69-5d72-4c96-b051-f42df1aee388",
  • "project_name": "the-sound-and-the-fury",
  • "provider": "aws"
}
Update a Cloud Account
Admin roles: 
  • access_admin
Updates a Cloud Account for a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
cloud_account_uuid
required
string
The UUID of the Cloud Account


 
Responses 
200
OK


put/v1/teams/{team_name}/projects/{project_name}/cloud_accounts/{cloud_account_uuid}
Request samples 
Response samples 
application/json
{
  • "account_id": "123456789012",
  • "description": "Dev AWS account",
  • "id": "59c74d69-5d72-4c96-b051-f42df1aee388",
  • "project_name": "the-sound-and-the-fury",
  • "provider": "aws"
}
Remove a Cloud Account
Admin roles: 
  • access_admin
Removes a Cloud Account from a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
cloud_account_uuid
required
string
The UUID of the Cloud Account


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}/cloud_accounts/{cloud_account_uuid}
Request samples 
Retrieve a Cloud Account
Admin roles: 
  • access_user
  • reporting_user
Retrieves a Cloud Account for a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
cloud_provider
required
string
The provider of the Cloud Account. Must be one of 'aws', 'gcp', or 'azure'


 
cloud_account_id
required
string
The ID of the Cloud Account assigned by the cloud provider


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/cloud_provider/{cloud_provider}/accounts/{cloud_account_id}
Request samples 
Response samples 
application/json
{
  • "account_id": "123456789012",
  • "description": "Dev AWS account",
  • "id": "59c74d69-5d72-4c96-b051-f42df1aee388",
  • "project_name": "the-sound-and-the-fury",
  • "provider": "aws"
}
List all Groups in a Project
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
Lists all Groups in a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/groups
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      }
    ]
}
Add a Group to a Project
Admin roles: 
  • access_admin
Adds a Group to a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
create_server_group
boolean or null
If true, a local (unix or windows) group is created on the Server and all relevant users are added to the local group. This does not impact user creation. Server Users are always created as long as create_server_users is set to true for the Project.


 
group
required
string  [ 1 .. 255 ] characters 
The name of the Group


 
server_access
required
boolean
If true, members of this Group have access to the Servers in the Project


 
server_admin
required
boolean
If true, members of this Group have sudo or Administrator permissions on the Project Servers


 
server_group_name
string or null  [ 1 .. 255 ] characters 
If create_server_group is true, indicates the name of the associated Server Group


 
servers_selector
string or null
(Optional) Kubernetes-style selector for Servers in the Project. Members of this Group can only access Servers that are assigned this selector.


 
unix_gid
integer or null <int64>   <= 4294967295 
If create_server_group is true, indicates the GID of the associated Server Group


 
Responses 
204
No Content


post/v1/teams/{team_name}/projects/{project_name}/groups
Request samples 
application/json
{
  • "create_server_group": true,
  • "deleted_at": null,
  • "group": "compsons",
  • "group_id": "",
  • "id": "",
  • "name": "compsons",
  • "removed_at": null,
  • "server_access": true,
  • "server_admin": false,
  • "server_group_name": null,
  • "unix_gid": null
}
Retrieve a Group in a Project
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
Retrieve the Project-level details for a specified Group


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
group_name
required
string
The ASA Group name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/groups/{group_name}
Request samples 
Response samples 
application/json
{
  • "create_server_group": true,
  • "deleted_at": null,
  • "group": "compsons",
  • "group_id": "4cac827b-3050-4e76-abf8-01429a6c2536",
  • "id": "",
  • "name": "compsons",
  • "profile_attributes": {
    • "unix_gid": 63000,
    • "unix_group_name": "sft_compsons",
    • "windows_group_name": "sft_compsons"
    },
  • "project": "the-sound-and-the-fury",
  • "removed_at": null,
  • "server_access": false,
  • "server_admin": true,
  • "server_group_name": null,
  • "unix_gid": null
}
Update a Group in a Project
Admin roles: 
  • access_admin
Updates the Project-level details for a specified Group


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
group_name
required
string
The ASA Group name


 
Request Body schema: application/json
required
create_server_group
boolean or null
If true, a local (unix or windows) group is created on the Server and all relevant users are added to the local group. This does not impact user creation. Server Users are always created as long as create_server_users is set to true for the Project.


 
group
required
string  [ 1 .. 255 ] characters 
The name of the Group


 
server_access
required
boolean
If true, members of this Group have access to the Servers in the Project


 
server_admin
required
boolean
If true, members of this Group have sudo or Administrator permissions on the Project Servers


 
server_group_name
string or null  [ 1 .. 255 ] characters 
If create_server_group is true, indicates the name of the associated Server Group


 
servers_selector
string or null
(Optional) Kubernetes-style selector for Servers in the Project. Members of this Group can only access Servers that are assigned this selector.


 
unix_gid
integer or null <int64>   <= 4294967295 
If create_server_group is true, indicates the GID of the associated Server Group


 
Responses 
204
No Content


put/v1/teams/{team_name}/projects/{project_name}/groups/{group_name}
Request samples 
application/json
{
  • "create_server_group": true,
  • "deleted_at": null,
  • "group": "compsons",
  • "group_id": "",
  • "id": "",
  • "name": "compsons",
  • "removed_at": null,
  • "server_access": false,
  • "server_admin": true,
  • "server_group_name": null,
  • "unix_gid": null
}
Remove a Group from a Project
Admin roles: 
  • access_admin
Removes a Group from a Project. This doesn't delete the Group from the Team.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
group_name
required
string
The ASA Group name


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}/groups/{group_name}
Request samples 
List all Preauthorizations
Admin roles: 
  • access_admin
Lists all Preauthorizations for a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
query Parameters
offset
string
The UUID of an object used as an offset for pagination


 
count
integer <int32> 
Controls the number of objects listed per page


 
descending
boolean
If 'true', the most recent results are listed first


 
prev
boolean
Controls the direction of paging


 
include_expired
boolean
If 'true', results include expired preauthorizations


 
project
string
If defined, results only include preauthorizations for the specified Project. This doesn't apply if used against a Project-specific endpoint.


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/preauthorizations
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      }
    ]
}
Create a Preauthorization
Admin roles: 
  • access_admin
Creates a Preauthorization for a Project. A Preauthorization is a time-limited grant for a User to access resources in a specific Project.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
disabled
required
boolean
Indicates the status of the Preauthorization. If true, the Preauthorization is disabled.


 
expires_at
required
string <date-time> 
A timestamp indicating when the Preauthorization expires


 
projects
required
Array of strings
The Project associated with the Preauthorization


 
servers
Array of strings or null
The Servers accessed using the Preauthorization


 
user_name
required
string  [ 1 .. 255 ] characters 
The User associated with the Preauthorization


 
Responses 
204
Created


post/v1/teams/{team_name}/projects/{project_name}/preauthorizations
Request samples 
application/json
{
  • "disabled": false,
  • "expires_at": "2020-07-28T18:30:00Z",
  • "id": "",
  • "projects": [
    • "the-sound-and-the-fury"
    ],
  • "servers": null,
  • "user_name": "jason.compson"
}
Retrieve a Preauthorization
Admin roles: 
  • access_admin
Retrieves a Preauthorization for a specified project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
authorization_id
required
string
The UUID of the Authorization


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/preauthorizations/{authorization_id}
Request samples 
Response samples 
application/json
{
  • "disabled": false,
  • "expires_at": "2020-07-28T18:30:00Z",
  • "id": "566b0fa9-f3ef-4825-a390-16d1766764a0",
  • "projects": [
    • "the-sound-and-the-fury"
    ],
  • "servers": null,
  • "user_name": "jason.compson"
}
Update a Preauthorization
Admin roles: 
  • access_admin
Update a Preauthorization for a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
authorization_id
required
string
The UUID of the Authorization


 
Request Body schema: application/json
required
disabled
required
boolean
Indicates the status of the Preauthorization. If true, the Preauthorization is disabled.


 
expires_at
required
string <date-time> 
A timestamp indicating when the Preauthorization expires


 
projects
required
Array of strings
The Project associated with the Preauthorization


 
servers
Array of strings or null
The Servers accessed using the Preauthorization


 
user_name
required
string  [ 1 .. 255 ] characters 
The User associated with the Preauthorization


 
Responses 
200
OK


put/v1/teams/{team_name}/projects/{project_name}/preauthorizations/{authorization_id}
Request samples 
application/json
{
  • "disabled": true,
  • "expires_at": "2020-07-28T18:30:00Z",
  • "id": "",
  • "projects": [
    • "the-sound-and-the-fury"
    ],
  • "servers": null,
  • "user_name": "jason.compson"
}
Response samples 
application/json
{
  • "disabled": true,
  • "expires_at": "2020-07-28T18:30:00Z",
  • "id": "566b0fa9-f3ef-4825-a390-16d1766764a0",
  • "projects": [
    • "the-sound-and-the-fury"
    ],
  • "servers": null,
  • "user_name": "jason.compson"
}
List all Server Enrollment Tokens
Admin roles: 
  • access_user
  • access_admin
  • server_enrollment_token_viewer
Lists all Server Enrollment Tokens for a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/server_enrollment_tokens
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      }
    ]
}
Create a Server Enrollment Token
Admin roles: 
  • access_user
  • access_admin
  • server_enrollment_token_creator
Creates a Server Enrollment Token for a specified Project. These tokens are used to enroll a Server in the Project.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
description
required
string  [ 1 .. 512 ] characters 
A human-readable description of the purpose of this Server Enrollment Token


 
Responses 
201
Created


post/v1/teams/{team_name}/projects/{project_name}/server_enrollment_tokens
Request samples 
application/json
{
  • "description": "string"
}
Response samples 
application/json
{
  • "created_by_user": "string",
  • "description": "string",
  • "id": "/regex/",
  • "issued_at": "2019-08-24T14:15:22Z",
  • "token": {
    • "property1": "string",
    • "property2": "string"
    }
}
Retrieve a Server Enrollment Token
Admin roles: 
  • access_user
  • access_admin
  • server_enrollment_token_viewer
Retrieves a Server Enrollment Token from a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
server_enrollment_token_id
required
string
The UUID of the Server Enrollment Token


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/server_enrollment_tokens/{server_enrollment_token_id}
Request samples 
Response samples 
application/json
{
  • "created_by_user": "string",
  • "description": "string",
  • "id": "/regex/",
  • "issued_at": "2019-08-24T14:15:22Z",
  • "token": {
    • "property1": "string",
    • "property2": "string"
    }
}
Delete a Server Enrollment Token
Admin roles: 
  • access_admin
Deletes a Server Enrollment Token from a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
server_enrollment_token_id
required
string
The UUID of the Server Enrollment Token


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}/server_enrollment_tokens/{server_enrollment_token_id}
Request samples 
List all Server Users for a Project
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
List all Server Users for a specified Project. A Server User is a representation of a User that is created on an enrolled Server.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
List of Server Users


get/v1/teams/{team_name}/projects/{project_name}/server_users
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}
Retrieve a Server User for a Project
Admin roles: 
  • access_user
  • access_admin
  • reporting_user
Retrieves a Server User for a Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
user_name
required
string
The relevant username


 
Responses 
200
Server User


get/v1/teams/{team_name}/projects/{project_name}/server_users/{user_name}
Request samples 
Response samples 
application/json
{
  • "list": {
    • "user_name": "benjycompson",
    • "server_user_name": "benjy",
    • "status": "ACTIVE",
    • "type": "human",
    • "unix_uid": 60001,
    • "unix_gid": 63001,
    • "admin": true,
    • "windows_server_user_name": "benjy",
    • "id": "220ed32b-72ae-456e-b2f7-1eccad4c6cab"
    }
}
List all Servers in a Project
Admin roles: 
  • access_user
  • access_admin
  • server_admin
Lists all Servers enrolled in a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/servers
Request samples 
Response samples 
application/json
{
  • "list": [
    • {
      },
    • {
      }
    ]
}
Add an Unmanaged Server to a Project
Admin roles: 
  • access_user
  • access_admin
  • server_admin
Adds an unmanaged Server to a specified Project. Unmanaged Servers don't use Advanced Server Access for authentication, but still receive Client Configuration Options. Create an Unmanaged Server to control connection options such as port and agent forwarding for Users without requiring sftd to manage the Server.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
Request Body schema: application/json
required
access_address
required
string
The access address of the Server


 
alt_names
Array of strings or null
(Optional) Alternative names for the Server


 
hostname
required
string
The hostname of the Server


 
Responses 
200
OK


post/v1/teams/{team_name}/projects/{project_name}/servers
Request samples 
application/json
{
  • "access_address": "1.2.3.4",
  • "alt_names": [
    • "bastion"
    ],
  • "credentialed": false,
  • "hostname": "bastion.dev.com",
  • "os_type": "",
  • "ssh_host_keys": null
}
Response samples 
application/json
{
  • "access_address": null,
  • "alt_names": null,
  • "bastion": null,
  • "broker_host_certs": null,
  • "canonical_name": null,
  • "cloud_provider": null,
  • "deleted_at": "0001-01-01T00:00:00Z",
  • "hostname": "bastion.dev.com",
  • "id": "ccdda5bf-9a2f-45ee-a7e4-66a9700f8ab8",
  • "instance_details": null,
  • "instance_id": null,
  • "last_seen": "0001-01-01T00:00:00Z",
  • "managed": false,
  • "os": "",
  • "os_type": null,
  • "registered_at": "0001-01-01T00:00:00Z",
  • "services": [ ],
  • "sftd_version": null,
  • "ssh_host_keys": null,
  • "state": "ACTIVE",
  • "team_name": "william-faulkner"
}
Retrieve a Server from a Project
Admin roles: 
  • access_user
  • access_admin
  • server_admin
Retrieves the details of a specified Server.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
server_id
required
string
The UUID of the Server


 
Responses 
200
OK


get/v1/teams/{team_name}/projects/{project_name}/servers/{server_id}
Request samples 
Response samples 
application/json
{
  • "access_address": null,
  • "alt_names": null,
  • "bastion": null,
  • "broker_host_certs": null,
  • "canonical_name": null,
  • "cloud_provider": null,
  • "deleted_at": "0001-01-01T00:00:00Z",
  • "hostname": "harvard",
  • "id": "9963d86c-dd31-44ef-86a6-23ccaf859b35",
  • "instance_details": null,
  • "instance_id": null,
  • "last_seen": "0001-01-01T00:00:00Z",
  • "managed": true,
  • "os": "Ubuntu 16.04",
  • "os_type": "linux",
  • "registered_at": "0001-01-01T00:00:00Z",
  • "services": [
    • "broker",
    • "ssh"
    ],
  • "sftd_version": "1.44.4",
  • "ssh_host_keys": null,
  • "state": "INACTIVE",
  • "team_name": "william-faulkner"
}
Update a Server for a Project
Admin roles: 
  • access_admin
  • server_admin
Updates a Server for a specified Project. This operation is intended for use with the PolicySync feature, see PolicySync: Attribute-Based Access Control.


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
server_id
required
string
The UUID of the Server


 
Request Body schema: application/json
required
object or null
(Optional) A map of key value pairs. These labels overwrite all labels previously supplied through the API for this server. You can only update labels from other sources using that source. If you don't supply the prefix 'api.', it is automatically prepended.


 
property name*
additional property
string
 
Responses 
204
No Content


put/v1/teams/{team_name}/projects/{project_name}/servers/{server_id}
Request samples 
application/json
{
  • "labels": {
    • "foo": "bar"
    }
}
Remove a Server from a Project
Admin roles: 
  • access_admin
  • server_admin
Removes a Server from a specified Project


SecuritybearerAuth 
Request 
path Parameters
team_name
required
string
The name of your Team


 
project_name
required
string
The Project name


 
server_id
required
string
The UUID of the Server


 
Responses 
204
No Content


delete/v1/teams/{team_name}/projects/{project_name}/servers/{server_id}
Request samples